May I clarify something? This problem arose with my blog today, for the first time after several years of using WordPress.
My host (Moose Internet Services) went belly up last week and I have had to move hosting to Dreamhost. My newly-installed WordPress is 2.0.4, I was running 2.0.3 previously, with no problems at The Moose.
Dreamhost say this, in their wiki:
"Finally, we have put a tiny little hack of our own in the wp-comments-post.php and wp-comments-popup.php files to try and prevent automated comment spam a bit. If you end up never getting any comment spam, it may be that that little hack was enough!"
Now... I looked at my WP code, and I found the section indicated in this thread. I had a wp-comments-post file with the code at the head (before the requires statement) and a popup file, which had only this piece of code in it.
Alarm bells rang.
We looked at the WordPress official download for 2.0.4 and this code does not appear
What I want to know is - was this code at some time in the official WP release? or was it NEVER there and are all the people who have reported the problem in fact hosted at Dreamhost?
I've commented the code out for now but I need to work out what to do if this is a Dreamhost hack (the code was uncommented!!) and they are likely to reintroduce it with any automatic upgrade processes.
I'd appreciate comments on my thoughts